Mercurial > hg > nginx
annotate src/mail/ngx_mail_auth_http_module.c @ 9299:2706b60dc225 default tip
Core: error logging rate limiting.
With this change, error logging to files can be rate-limited with
the "rate=" parameter. The parameter specifies allowed log messages
rate to a particular file (per worker), in messages per second (m/s).
By default, "rate=1000m/s" is used.
Rate limiting is implemented using the "leaky bucket" method, similarly
to the limit_req module.
Maximum burst size is set to the number of log messages per second
for each severity level, so "error" messages are logged even if the
rate limit is hit by "info" messages (but not vice versa). When the
limit is reached for a particular level, the "too many log messages,
limiting" message is logged at this level.
If debug logging is enabled, either for the particular log file or for
the particular connection, rate limiting is not used.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Tue, 25 Jun 2024 22:58:56 +0300 |
parents | 4538c1ffb0f8 |
children |
rev | line source |
---|---|
521 | 1 |
2 /* | |
3 * Copyright (C) Igor Sysoev | |
4412 | 4 * Copyright (C) Nginx, Inc. |
521 | 5 */ |
6 | |
7 | |
8 #include <ngx_config.h> | |
9 #include <ngx_core.h> | |
10 #include <ngx_event.h> | |
11 #include <ngx_event_connect.h> | |
1136 | 12 #include <ngx_mail.h> |
521 | 13 |
14 | |
15 typedef struct { | |
3269
f0d596e84634
rename ngx_peer_addr_t to ngx_addr_t
Igor Sysoev <igor@sysoev.ru>
parents:
3267
diff
changeset
|
16 ngx_addr_t *peer; |
521 | 17 |
527 | 18 ngx_msec_t timeout; |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
19 ngx_flag_t pass_client_cert; |
521 | 20 |
527 | 21 ngx_str_t host_header; |
22 ngx_str_t uri; | |
573 | 23 ngx_str_t header; |
24 | |
25 ngx_array_t *headers; | |
1392 | 26 |
27 u_char *file; | |
28 ngx_uint_t line; | |
1136 | 29 } ngx_mail_auth_http_conf_t; |
521 | 30 |
31 | |
1136 | 32 typedef struct ngx_mail_auth_http_ctx_s ngx_mail_auth_http_ctx_t; |
527 | 33 |
1136 | 34 typedef void (*ngx_mail_auth_http_handler_pt)(ngx_mail_session_t *s, |
35 ngx_mail_auth_http_ctx_t *ctx); | |
527 | 36 |
1136 | 37 struct ngx_mail_auth_http_ctx_s { |
527 | 38 ngx_buf_t *request; |
39 ngx_buf_t *response; | |
40 ngx_peer_connection_t peer; | |
41 | |
1136 | 42 ngx_mail_auth_http_handler_pt handler; |
527 | 43 |
44 ngx_uint_t state; | |
45 | |
46 u_char *header_name_start; | |
47 u_char *header_name_end; | |
48 u_char *header_start; | |
49 u_char *header_end; | |
50 | |
51 ngx_str_t addr; | |
52 ngx_str_t port; | |
53 ngx_str_t err; | |
567 | 54 ngx_str_t errmsg; |
1136 | 55 ngx_str_t errcode; |
9290
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
56 ngx_str_t errsasl; |
527 | 57 |
547 | 58 time_t sleep; |
527 | 59 |
547 | 60 ngx_pool_t *pool; |
527 | 61 }; |
521 | 62 |
63 | |
1136 | 64 static void ngx_mail_auth_http_write_handler(ngx_event_t *wev); |
65 static void ngx_mail_auth_http_read_handler(ngx_event_t *rev); | |
66 static void ngx_mail_auth_http_ignore_status_line(ngx_mail_session_t *s, | |
67 ngx_mail_auth_http_ctx_t *ctx); | |
68 static void ngx_mail_auth_http_process_headers(ngx_mail_session_t *s, | |
69 ngx_mail_auth_http_ctx_t *ctx); | |
70 static void ngx_mail_auth_sleep_handler(ngx_event_t *rev); | |
9290
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
71 static void ngx_mail_auth_send_error(ngx_mail_session_t *s); |
1136 | 72 static ngx_int_t ngx_mail_auth_http_parse_header_line(ngx_mail_session_t *s, |
73 ngx_mail_auth_http_ctx_t *ctx); | |
74 static void ngx_mail_auth_http_block_read(ngx_event_t *rev); | |
75 static void ngx_mail_auth_http_dummy_handler(ngx_event_t *ev); | |
76 static ngx_buf_t *ngx_mail_auth_http_create_request(ngx_mail_session_t *s, | |
77 ngx_pool_t *pool, ngx_mail_auth_http_conf_t *ahcf); | |
78 static ngx_int_t ngx_mail_auth_http_escape(ngx_pool_t *pool, ngx_str_t *text, | |
633 | 79 ngx_str_t *escaped); |
521 | 80 |
1136 | 81 static void *ngx_mail_auth_http_create_conf(ngx_conf_t *cf); |
82 static char *ngx_mail_auth_http_merge_conf(ngx_conf_t *cf, void *parent, | |
521 | 83 void *child); |
1136 | 84 static char *ngx_mail_auth_http(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); |
85 static char *ngx_mail_auth_http_header(ngx_conf_t *cf, ngx_command_t *cmd, | |
573 | 86 void *conf); |
521 | 87 |
88 | |
1136 | 89 static ngx_command_t ngx_mail_auth_http_commands[] = { |
521 | 90 |
91 { ngx_string("auth_http"), | |
1136 | 92 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, |
93 ngx_mail_auth_http, | |
94 NGX_MAIL_SRV_CONF_OFFSET, | |
521 | 95 0, |
96 NULL }, | |
97 | |
98 { ngx_string("auth_http_timeout"), | |
1136 | 99 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, |
521 | 100 ngx_conf_set_msec_slot, |
1136 | 101 NGX_MAIL_SRV_CONF_OFFSET, |
102 offsetof(ngx_mail_auth_http_conf_t, timeout), | |
521 | 103 NULL }, |
104 | |
573 | 105 { ngx_string("auth_http_header"), |
1136 | 106 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE2, |
107 ngx_mail_auth_http_header, | |
108 NGX_MAIL_SRV_CONF_OFFSET, | |
573 | 109 0, |
110 NULL }, | |
111 | |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
112 { ngx_string("auth_http_pass_client_cert"), |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
113 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_FLAG, |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
114 ngx_conf_set_flag_slot, |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
115 NGX_MAIL_SRV_CONF_OFFSET, |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
116 offsetof(ngx_mail_auth_http_conf_t, pass_client_cert), |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
117 NULL }, |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
118 |
521 | 119 ngx_null_command |
120 }; | |
121 | |
122 | |
1136 | 123 static ngx_mail_module_t ngx_mail_auth_http_module_ctx = { |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
124 NULL, /* protocol */ |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
125 |
521 | 126 NULL, /* create main configuration */ |
127 NULL, /* init main configuration */ | |
128 | |
1136 | 129 ngx_mail_auth_http_create_conf, /* create server configuration */ |
130 ngx_mail_auth_http_merge_conf /* merge server configuration */ | |
521 | 131 }; |
132 | |
133 | |
1136 | 134 ngx_module_t ngx_mail_auth_http_module = { |
521 | 135 NGX_MODULE_V1, |
1136 | 136 &ngx_mail_auth_http_module_ctx, /* module context */ |
137 ngx_mail_auth_http_commands, /* module directives */ | |
138 NGX_MAIL_MODULE, /* module type */ | |
541 | 139 NULL, /* init master */ |
521 | 140 NULL, /* init module */ |
541 | 141 NULL, /* init process */ |
142 NULL, /* init thread */ | |
143 NULL, /* exit thread */ | |
144 NULL, /* exit process */ | |
145 NULL, /* exit master */ | |
146 NGX_MODULE_V1_PADDING | |
521 | 147 }; |
148 | |
149 | |
1136 | 150 static ngx_str_t ngx_mail_auth_http_method[] = { |
151 ngx_string("plain"), | |
809 | 152 ngx_string("plain"), |
2748
2477b28eaccb
fix Auth-Method, the bug has been introduced in r2496
Igor Sysoev <igor@sysoev.ru>
parents:
2388
diff
changeset
|
153 ngx_string("plain"), |
809 | 154 ngx_string("apop"), |
2309 | 155 ngx_string("cram-md5"), |
6774
bcb107bb89cd
Mail: support SASL EXTERNAL (RFC 4422).
Rob N ★ <robn@fastmail.com>
parents:
6597
diff
changeset
|
156 ngx_string("external"), |
9290
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
157 ngx_string("xoauth2"), |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
158 ngx_string("oauthbearer"), |
2309 | 159 ngx_string("none") |
800 | 160 }; |
521 | 161 |
1136 | 162 static ngx_str_t ngx_mail_smtp_errcode = ngx_string("535 5.7.0"); |
521 | 163 |
1477 | 164 |
521 | 165 void |
1136 | 166 ngx_mail_auth_http_init(ngx_mail_session_t *s) |
521 | 167 { |
168 ngx_int_t rc; | |
547 | 169 ngx_pool_t *pool; |
1136 | 170 ngx_mail_auth_http_ctx_t *ctx; |
171 ngx_mail_auth_http_conf_t *ahcf; | |
521 | 172 |
541 | 173 s->connection->log->action = "in http auth state"; |
174 | |
547 | 175 pool = ngx_create_pool(2048, s->connection->log); |
176 if (pool == NULL) { | |
1136 | 177 ngx_mail_session_internal_server_error(s); |
521 | 178 return; |
179 } | |
180 | |
1136 | 181 ctx = ngx_pcalloc(pool, sizeof(ngx_mail_auth_http_ctx_t)); |
547 | 182 if (ctx == NULL) { |
183 ngx_destroy_pool(pool); | |
1136 | 184 ngx_mail_session_internal_server_error(s); |
547 | 185 return; |
186 } | |
187 | |
188 ctx->pool = pool; | |
189 | |
1136 | 190 ahcf = ngx_mail_get_module_srv_conf(s, ngx_mail_auth_http_module); |
521 | 191 |
1136 | 192 ctx->request = ngx_mail_auth_http_create_request(s, pool, ahcf); |
521 | 193 if (ctx->request == NULL) { |
547 | 194 ngx_destroy_pool(ctx->pool); |
1136 | 195 ngx_mail_session_internal_server_error(s); |
521 | 196 return; |
197 } | |
198 | |
1136 | 199 ngx_mail_set_ctx(s, ctx, ngx_mail_auth_http_module); |
521 | 200 |
884 | 201 ctx->peer.sockaddr = ahcf->peer->sockaddr; |
202 ctx->peer.socklen = ahcf->peer->socklen; | |
203 ctx->peer.name = &ahcf->peer->name; | |
204 ctx->peer.get = ngx_event_get_peer; | |
521 | 205 ctx->peer.log = s->connection->log; |
206 ctx->peer.log_error = NGX_ERROR_ERR; | |
207 | |
208 rc = ngx_event_connect_peer(&ctx->peer); | |
209 | |
543 | 210 if (rc == NGX_ERROR || rc == NGX_BUSY || rc == NGX_DECLINED) { |
862
6044cea025fa
fix segfault when connect() failed
Igor Sysoev <igor@sysoev.ru>
parents:
856
diff
changeset
|
211 if (ctx->peer.connection) { |
6044cea025fa
fix segfault when connect() failed
Igor Sysoev <igor@sysoev.ru>
parents:
856
diff
changeset
|
212 ngx_close_connection(ctx->peer.connection); |
6044cea025fa
fix segfault when connect() failed
Igor Sysoev <igor@sysoev.ru>
parents:
856
diff
changeset
|
213 } |
6044cea025fa
fix segfault when connect() failed
Igor Sysoev <igor@sysoev.ru>
parents:
856
diff
changeset
|
214 |
547 | 215 ngx_destroy_pool(ctx->pool); |
1136 | 216 ngx_mail_session_internal_server_error(s); |
521 | 217 return; |
218 } | |
219 | |
220 ctx->peer.connection->data = s; | |
221 ctx->peer.connection->pool = s->connection->pool; | |
222 | |
1136 | 223 s->connection->read->handler = ngx_mail_auth_http_block_read; |
224 ctx->peer.connection->read->handler = ngx_mail_auth_http_read_handler; | |
225 ctx->peer.connection->write->handler = ngx_mail_auth_http_write_handler; | |
521 | 226 |
1136 | 227 ctx->handler = ngx_mail_auth_http_ignore_status_line; |
527 | 228 |
541 | 229 ngx_add_timer(ctx->peer.connection->read, ahcf->timeout); |
230 ngx_add_timer(ctx->peer.connection->write, ahcf->timeout); | |
231 | |
521 | 232 if (rc == NGX_OK) { |
1136 | 233 ngx_mail_auth_http_write_handler(ctx->peer.connection->write); |
521 | 234 return; |
235 } | |
236 } | |
237 | |
238 | |
239 static void | |
1136 | 240 ngx_mail_auth_http_write_handler(ngx_event_t *wev) |
521 | 241 { |
242 ssize_t n, size; | |
243 ngx_connection_t *c; | |
1136 | 244 ngx_mail_session_t *s; |
245 ngx_mail_auth_http_ctx_t *ctx; | |
246 ngx_mail_auth_http_conf_t *ahcf; | |
521 | 247 |
248 c = wev->data; | |
249 s = c->data; | |
250 | |
1136 | 251 ctx = ngx_mail_get_module_ctx(s, ngx_mail_auth_http_module); |
521 | 252 |
1136 | 253 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, wev->log, 0, |
254 "mail auth http write handler"); | |
521 | 255 |
577 | 256 if (wev->timedout) { |
521 | 257 ngx_log_error(NGX_LOG_ERR, wev->log, NGX_ETIMEDOUT, |
884 | 258 "auth http server %V timed out", ctx->peer.name); |
1478 | 259 ngx_close_connection(c); |
547 | 260 ngx_destroy_pool(ctx->pool); |
1136 | 261 ngx_mail_session_internal_server_error(s); |
521 | 262 return; |
263 } | |
264 | |
265 size = ctx->request->last - ctx->request->pos; | |
266 | |
267 n = ngx_send(c, ctx->request->pos, size); | |
268 | |
269 if (n == NGX_ERROR) { | |
1478 | 270 ngx_close_connection(c); |
547 | 271 ngx_destroy_pool(ctx->pool); |
1136 | 272 ngx_mail_session_internal_server_error(s); |
521 | 273 return; |
274 } | |
275 | |
276 if (n > 0) { | |
277 ctx->request->pos += n; | |
278 | |
279 if (n == size) { | |
1136 | 280 wev->handler = ngx_mail_auth_http_dummy_handler; |
521 | 281 |
282 if (wev->timer_set) { | |
283 ngx_del_timer(wev); | |
284 } | |
285 | |
2388
722b5aff05ae
use "!= NGX_OK" instead of "== NGX_ERROR"
Igor Sysoev <igor@sysoev.ru>
parents:
2310
diff
changeset
|
286 if (ngx_handle_write_event(wev, 0) != NGX_OK) { |
1478 | 287 ngx_close_connection(c); |
799
9737d6fb1ac6
disable write level event while waiting auth server response
Igor Sysoev <igor@sysoev.ru>
parents:
633
diff
changeset
|
288 ngx_destroy_pool(ctx->pool); |
1136 | 289 ngx_mail_session_internal_server_error(s); |
799
9737d6fb1ac6
disable write level event while waiting auth server response
Igor Sysoev <igor@sysoev.ru>
parents:
633
diff
changeset
|
290 } |
9737d6fb1ac6
disable write level event while waiting auth server response
Igor Sysoev <igor@sysoev.ru>
parents:
633
diff
changeset
|
291 |
521 | 292 return; |
293 } | |
294 } | |
295 | |
296 if (!wev->timer_set) { | |
1136 | 297 ahcf = ngx_mail_get_module_srv_conf(s, ngx_mail_auth_http_module); |
521 | 298 ngx_add_timer(wev, ahcf->timeout); |
299 } | |
300 } | |
301 | |
302 | |
303 static void | |
1136 | 304 ngx_mail_auth_http_read_handler(ngx_event_t *rev) |
521 | 305 { |
525 | 306 ssize_t n, size; |
521 | 307 ngx_connection_t *c; |
1136 | 308 ngx_mail_session_t *s; |
309 ngx_mail_auth_http_ctx_t *ctx; | |
521 | 310 |
311 c = rev->data; | |
312 s = c->data; | |
313 | |
1136 | 314 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, |
315 "mail auth http read handler"); | |
521 | 316 |
1136 | 317 ctx = ngx_mail_get_module_ctx(s, ngx_mail_auth_http_module); |
525 | 318 |
577 | 319 if (rev->timedout) { |
525 | 320 ngx_log_error(NGX_LOG_ERR, rev->log, NGX_ETIMEDOUT, |
884 | 321 "auth http server %V timed out", ctx->peer.name); |
1478 | 322 ngx_close_connection(c); |
547 | 323 ngx_destroy_pool(ctx->pool); |
1136 | 324 ngx_mail_session_internal_server_error(s); |
525 | 325 return; |
326 } | |
327 | |
328 if (ctx->response == NULL) { | |
547 | 329 ctx->response = ngx_create_temp_buf(ctx->pool, 1024); |
525 | 330 if (ctx->response == NULL) { |
1478 | 331 ngx_close_connection(c); |
547 | 332 ngx_destroy_pool(ctx->pool); |
1136 | 333 ngx_mail_session_internal_server_error(s); |
525 | 334 return; |
335 } | |
336 } | |
337 | |
527 | 338 size = ctx->response->end - ctx->response->last; |
525 | 339 |
340 n = ngx_recv(c, ctx->response->pos, size); | |
341 | |
527 | 342 if (n > 0) { |
343 ctx->response->last += n; | |
344 | |
345 ctx->handler(s, ctx); | |
346 return; | |
347 } | |
348 | |
349 if (n == NGX_AGAIN) { | |
525 | 350 return; |
351 } | |
352 | |
1478 | 353 ngx_close_connection(c); |
547 | 354 ngx_destroy_pool(ctx->pool); |
1136 | 355 ngx_mail_session_internal_server_error(s); |
527 | 356 } |
525 | 357 |
358 | |
527 | 359 static void |
1136 | 360 ngx_mail_auth_http_ignore_status_line(ngx_mail_session_t *s, |
361 ngx_mail_auth_http_ctx_t *ctx) | |
527 | 362 { |
363 u_char *p, ch; | |
364 enum { | |
365 sw_start = 0, | |
366 sw_H, | |
367 sw_HT, | |
368 sw_HTT, | |
369 sw_HTTP, | |
370 sw_skip, | |
371 sw_almost_done | |
372 } state; | |
373 | |
1136 | 374 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, |
375 "mail auth http process status line"); | |
527 | 376 |
377 state = ctx->state; | |
378 | |
379 for (p = ctx->response->pos; p < ctx->response->last; p++) { | |
380 ch = *p; | |
381 | |
382 switch (state) { | |
383 | |
384 /* "HTTP/" */ | |
385 case sw_start: | |
386 if (ch == 'H') { | |
387 state = sw_H; | |
388 break; | |
389 } | |
390 goto next; | |
391 | |
392 case sw_H: | |
393 if (ch == 'T') { | |
394 state = sw_HT; | |
395 break; | |
396 } | |
397 goto next; | |
398 | |
399 case sw_HT: | |
400 if (ch == 'T') { | |
401 state = sw_HTT; | |
402 break; | |
403 } | |
404 goto next; | |
405 | |
406 case sw_HTT: | |
407 if (ch == 'P') { | |
408 state = sw_HTTP; | |
409 break; | |
410 } | |
411 goto next; | |
412 | |
413 case sw_HTTP: | |
414 if (ch == '/') { | |
415 state = sw_skip; | |
416 break; | |
417 } | |
418 goto next; | |
419 | |
420 /* any text until end of line */ | |
421 case sw_skip: | |
422 switch (ch) { | |
423 case CR: | |
424 state = sw_almost_done; | |
425 | |
426 break; | |
577 | 427 case LF: |
527 | 428 goto done; |
429 } | |
430 break; | |
431 | |
432 /* end of status line */ | |
433 case sw_almost_done: | |
434 if (ch == LF) { | |
435 goto done; | |
436 } | |
437 | |
438 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, | |
6480 | 439 "auth http server %V sent invalid response", |
884 | 440 ctx->peer.name); |
527 | 441 ngx_close_connection(ctx->peer.connection); |
547 | 442 ngx_destroy_pool(ctx->pool); |
1136 | 443 ngx_mail_session_internal_server_error(s); |
527 | 444 return; |
445 } | |
446 } | |
447 | |
448 ctx->response->pos = p; | |
449 ctx->state = state; | |
450 | |
451 return; | |
452 | |
453 next: | |
454 | |
455 p = ctx->response->start - 1; | |
456 | |
457 done: | |
458 | |
459 ctx->response->pos = p + 1; | |
460 ctx->state = 0; | |
1136 | 461 ctx->handler = ngx_mail_auth_http_process_headers; |
527 | 462 ctx->handler(s, ctx); |
463 } | |
525 | 464 |
465 | |
527 | 466 static void |
1136 | 467 ngx_mail_auth_http_process_headers(ngx_mail_session_t *s, |
468 ngx_mail_auth_http_ctx_t *ctx) | |
527 | 469 { |
6593
b3b7e33083ac
Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
Roman Arutyunyan <arut@nginx.com>
parents:
6480
diff
changeset
|
470 u_char *p; |
b3b7e33083ac
Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
Roman Arutyunyan <arut@nginx.com>
parents:
6480
diff
changeset
|
471 time_t timer; |
b3b7e33083ac
Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
Roman Arutyunyan <arut@nginx.com>
parents:
6480
diff
changeset
|
472 size_t len, size; |
b3b7e33083ac
Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
Roman Arutyunyan <arut@nginx.com>
parents:
6480
diff
changeset
|
473 ngx_int_t rc, port, n; |
b3b7e33083ac
Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
Roman Arutyunyan <arut@nginx.com>
parents:
6480
diff
changeset
|
474 ngx_addr_t *peer; |
525 | 475 |
1136 | 476 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, |
477 "mail auth http process headers"); | |
527 | 478 |
479 for ( ;; ) { | |
1136 | 480 rc = ngx_mail_auth_http_parse_header_line(s, ctx); |
527 | 481 |
482 if (rc == NGX_OK) { | |
483 | |
484 #if (NGX_DEBUG) | |
485 { | |
486 ngx_str_t key, value; | |
487 | |
488 key.len = ctx->header_name_end - ctx->header_name_start; | |
489 key.data = ctx->header_name_start; | |
490 value.len = ctx->header_end - ctx->header_start; | |
491 value.data = ctx->header_start; | |
492 | |
1136 | 493 ngx_log_debug2(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, |
494 "mail auth http header: \"%V: %V\"", | |
527 | 495 &key, &value); |
496 } | |
497 #endif | |
498 | |
499 len = ctx->header_name_end - ctx->header_name_start; | |
500 | |
501 if (len == sizeof("Auth-Status") - 1 | |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
502 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
503 (u_char *) "Auth-Status", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
504 sizeof("Auth-Status") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
505 == 0) |
527 | 506 { |
507 len = ctx->header_end - ctx->header_start; | |
508 | |
509 if (len == 2 | |
510 && ctx->header_start[0] == 'O' | |
511 && ctx->header_start[1] == 'K') | |
512 { | |
513 continue; | |
514 } | |
515 | |
883 | 516 if (len == 4 |
517 && ctx->header_start[0] == 'W' | |
518 && ctx->header_start[1] == 'A' | |
519 && ctx->header_start[2] == 'I' | |
520 && ctx->header_start[3] == 'T') | |
521 { | |
522 s->auth_wait = 1; | |
523 continue; | |
524 } | |
525 | |
567 | 526 ctx->errmsg.len = len; |
527 ctx->errmsg.data = ctx->header_start; | |
528 | |
1136 | 529 switch (s->protocol) { |
530 | |
531 case NGX_MAIL_POP3_PROTOCOL: | |
854
1673f197bc62
fix segfault when many auth failures occurred
Igor Sysoev <igor@sysoev.ru>
parents:
809
diff
changeset
|
532 size = sizeof("-ERR ") - 1 + len + sizeof(CRLF) - 1; |
1136 | 533 break; |
527 | 534 |
1136 | 535 case NGX_MAIL_IMAP_PROTOCOL: |
854
1673f197bc62
fix segfault when many auth failures occurred
Igor Sysoev <igor@sysoev.ru>
parents:
809
diff
changeset
|
536 size = s->tag.len + sizeof("NO ") - 1 + len |
527 | 537 + sizeof(CRLF) - 1; |
1136 | 538 break; |
539 | |
540 default: /* NGX_MAIL_SMTP_PROTOCOL */ | |
541 ctx->err = ctx->errmsg; | |
542 continue; | |
527 | 543 } |
544 | |
2061
b0a1c84725cf
change useless ngx_pcalloc() to ngx_pnalloc()
Igor Sysoev <igor@sysoev.ru>
parents:
2049
diff
changeset
|
545 p = ngx_pnalloc(s->connection->pool, size); |
527 | 546 if (p == NULL) { |
543 | 547 ngx_close_connection(ctx->peer.connection); |
547 | 548 ngx_destroy_pool(ctx->pool); |
1136 | 549 ngx_mail_session_internal_server_error(s); |
527 | 550 return; |
551 } | |
552 | |
553 ctx->err.data = p; | |
554 | |
1136 | 555 switch (s->protocol) { |
527 | 556 |
1136 | 557 case NGX_MAIL_POP3_PROTOCOL: |
558 *p++ = '-'; *p++ = 'E'; *p++ = 'R'; *p++ = 'R'; *p++ = ' '; | |
559 break; | |
560 | |
561 case NGX_MAIL_IMAP_PROTOCOL: | |
527 | 562 p = ngx_cpymem(p, s->tag.data, s->tag.len); |
1136 | 563 *p++ = 'N'; *p++ = 'O'; *p++ = ' '; |
564 break; | |
565 | |
566 default: /* NGX_MAIL_SMTP_PROTOCOL */ | |
567 break; | |
527 | 568 } |
569 | |
570 p = ngx_cpymem(p, ctx->header_start, len); | |
571 *p++ = CR; *p++ = LF; | |
572 | |
573 ctx->err.len = p - ctx->err.data; | |
574 | |
575 continue; | |
576 } | |
577 | |
578 if (len == sizeof("Auth-Server") - 1 | |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
579 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
580 (u_char *) "Auth-Server", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
581 sizeof("Auth-Server") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
582 == 0) |
527 | 583 { |
584 ctx->addr.len = ctx->header_end - ctx->header_start; | |
585 ctx->addr.data = ctx->header_start; | |
586 | |
587 continue; | |
588 } | |
589 | |
590 if (len == sizeof("Auth-Port") - 1 | |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
591 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
592 (u_char *) "Auth-Port", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
593 sizeof("Auth-Port") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
594 == 0) |
527 | 595 { |
596 ctx->port.len = ctx->header_end - ctx->header_start; | |
597 ctx->port.data = ctx->header_start; | |
598 | |
599 continue; | |
600 } | |
601 | |
602 if (len == sizeof("Auth-User") - 1 | |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
603 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
604 (u_char *) "Auth-User", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
605 sizeof("Auth-User") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
606 == 0) |
527 | 607 { |
608 s->login.len = ctx->header_end - ctx->header_start; | |
567 | 609 |
2049 | 610 s->login.data = ngx_pnalloc(s->connection->pool, s->login.len); |
567 | 611 if (s->login.data == NULL) { |
612 ngx_close_connection(ctx->peer.connection); | |
613 ngx_destroy_pool(ctx->pool); | |
1136 | 614 ngx_mail_session_internal_server_error(s); |
567 | 615 return; |
616 } | |
617 | |
618 ngx_memcpy(s->login.data, ctx->header_start, s->login.len); | |
527 | 619 |
620 continue; | |
621 } | |
622 | |
800 | 623 if (len == sizeof("Auth-Pass") - 1 |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
624 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
625 (u_char *) "Auth-Pass", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
626 sizeof("Auth-Pass") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
627 == 0) |
800 | 628 { |
629 s->passwd.len = ctx->header_end - ctx->header_start; | |
630 | |
2049 | 631 s->passwd.data = ngx_pnalloc(s->connection->pool, |
632 s->passwd.len); | |
800 | 633 if (s->passwd.data == NULL) { |
634 ngx_close_connection(ctx->peer.connection); | |
635 ngx_destroy_pool(ctx->pool); | |
1136 | 636 ngx_mail_session_internal_server_error(s); |
800 | 637 return; |
638 } | |
639 | |
640 ngx_memcpy(s->passwd.data, ctx->header_start, s->passwd.len); | |
641 | |
642 continue; | |
643 } | |
644 | |
527 | 645 if (len == sizeof("Auth-Wait") - 1 |
1107
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
646 && ngx_strncasecmp(ctx->header_name_start, |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
647 (u_char *) "Auth-Wait", |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
648 sizeof("Auth-Wait") - 1) |
db7c468c447d
ngx_strcasecmp()/ngx_strncasecmp()
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
649 == 0) |
527 | 650 { |
651 n = ngx_atoi(ctx->header_start, | |
652 ctx->header_end - ctx->header_start); | |
653 | |
654 if (n != NGX_ERROR) { | |
655 ctx->sleep = n; | |
656 } | |
657 | |
658 continue; | |
659 } | |
660 | |
1136 | 661 if (len == sizeof("Auth-Error-Code") - 1 |
662 && ngx_strncasecmp(ctx->header_name_start, | |
663 (u_char *) "Auth-Error-Code", | |
664 sizeof("Auth-Error-Code") - 1) | |
665 == 0) | |
666 { | |
667 ctx->errcode.len = ctx->header_end - ctx->header_start; | |
668 | |
2049 | 669 ctx->errcode.data = ngx_pnalloc(s->connection->pool, |
670 ctx->errcode.len); | |
1136 | 671 if (ctx->errcode.data == NULL) { |
672 ngx_close_connection(ctx->peer.connection); | |
673 ngx_destroy_pool(ctx->pool); | |
674 ngx_mail_session_internal_server_error(s); | |
675 return; | |
676 } | |
677 | |
678 ngx_memcpy(ctx->errcode.data, ctx->header_start, | |
679 ctx->errcode.len); | |
680 | |
681 continue; | |
682 } | |
683 | |
9290
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
684 if (len == sizeof("Auth-Error-SASL") - 1 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
685 && ngx_strncasecmp(ctx->header_name_start, |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
686 (u_char *) "Auth-Error-SASL", |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
687 sizeof("Auth-Error-SASL") - 1) |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
688 == 0) |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
689 { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
690 if (s->auth_method != NGX_MAIL_AUTH_XOAUTH2 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
691 && s->auth_method != NGX_MAIL_AUTH_OAUTHBEARER) |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
692 { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
693 continue; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
694 } |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
695 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
696 len = ctx->header_end - ctx->header_start; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
697 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
698 if (s->protocol == NGX_MAIL_SMTP_PROTOCOL) { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
699 size = len + sizeof("334 " CRLF) - 1; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
700 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
701 } else { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
702 size = len + sizeof("+ " CRLF) - 1; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
703 } |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
704 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
705 p = ngx_pnalloc(s->connection->pool, size); |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
706 if (p == NULL) { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
707 ngx_close_connection(ctx->peer.connection); |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
708 ngx_destroy_pool(ctx->pool); |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
709 ngx_mail_session_internal_server_error(s); |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
710 return; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
711 } |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
712 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
713 ctx->errsasl.len = size; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
714 ctx->errsasl.data = p; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
715 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
716 if (s->protocol == NGX_MAIL_SMTP_PROTOCOL) { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
717 *p++ = '3'; *p++ = '3'; *p++ = '4'; *p++ = ' '; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
718 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
719 } else { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
720 *p++ = '+'; *p++ = ' '; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
721 } |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
722 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
723 p = ngx_cpymem(p, ctx->header_start, len); |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
724 *p++ = CR; *p = LF; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
725 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
726 continue; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
727 } |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
728 |
527 | 729 /* ignore other headers */ |
730 | |
731 continue; | |
732 } | |
733 | |
734 if (rc == NGX_DONE) { | |
1136 | 735 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, |
736 "mail auth http header done"); | |
527 | 737 |
738 ngx_close_connection(ctx->peer.connection); | |
739 | |
740 if (ctx->err.len) { | |
1136 | 741 |
567 | 742 ngx_log_error(NGX_LOG_INFO, s->connection->log, 0, |
743 "client login failed: \"%V\"", &ctx->errmsg); | |
744 | |
1136 | 745 if (s->protocol == NGX_MAIL_SMTP_PROTOCOL) { |
746 | |
747 if (ctx->errcode.len == 0) { | |
748 ctx->errcode = ngx_mail_smtp_errcode; | |
749 } | |
750 | |
751 ctx->err.len = ctx->errcode.len + ctx->errmsg.len | |
752 + sizeof(" " CRLF) - 1; | |
753 | |
2049 | 754 p = ngx_pnalloc(s->connection->pool, ctx->err.len); |
1166 | 755 if (p == NULL) { |
756 ngx_destroy_pool(ctx->pool); | |
757 ngx_mail_session_internal_server_error(s); | |
758 return; | |
759 } | |
1136 | 760 |
1166 | 761 ctx->err.data = p; |
1136 | 762 |
1166 | 763 p = ngx_cpymem(p, ctx->errcode.data, ctx->errcode.len); |
1136 | 764 *p++ = ' '; |
1166 | 765 p = ngx_cpymem(p, ctx->errmsg.data, ctx->errmsg.len); |
1136 | 766 *p++ = CR; *p = LF; |
767 } | |
768 | |
9290
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
769 s->out = ctx->errsasl; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
770 s->auth_err = ctx->err; |
547 | 771 timer = ctx->sleep; |
527 | 772 |
547 | 773 ngx_destroy_pool(ctx->pool); |
774 | |
775 if (timer == 0) { | |
9290
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
776 s->auth_quit = 1; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
777 ngx_mail_auth_send_error(s); |
541 | 778 return; |
779 } | |
539 | 780 |
1640 | 781 ngx_add_timer(s->connection->read, (ngx_msec_t) (timer * 1000)); |
527 | 782 |
1136 | 783 s->connection->read->handler = ngx_mail_auth_sleep_handler; |
527 | 784 |
785 return; | |
786 } | |
787 | |
883 | 788 if (s->auth_wait) { |
789 timer = ctx->sleep; | |
790 | |
791 ngx_destroy_pool(ctx->pool); | |
792 | |
793 if (timer == 0) { | |
1136 | 794 ngx_mail_auth_http_init(s); |
883 | 795 return; |
796 } | |
797 | |
1640 | 798 ngx_add_timer(s->connection->read, (ngx_msec_t) (timer * 1000)); |
883 | 799 |
1136 | 800 s->connection->read->handler = ngx_mail_auth_sleep_handler; |
883 | 801 |
802 return; | |
803 } | |
804 | |
527 | 805 if (ctx->addr.len == 0 || ctx->port.len == 0) { |
806 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, | |
541 | 807 "auth http server %V did not send server or port", |
884 | 808 ctx->peer.name); |
547 | 809 ngx_destroy_pool(ctx->pool); |
1136 | 810 ngx_mail_session_internal_server_error(s); |
527 | 811 return; |
812 } | |
813 | |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
814 if (s->passwd.data == NULL |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
815 && s->protocol != NGX_MAIL_SMTP_PROTOCOL) |
1136 | 816 { |
800 | 817 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, |
818 "auth http server %V did not send password", | |
884 | 819 ctx->peer.name); |
800 | 820 ngx_destroy_pool(ctx->pool); |
1136 | 821 ngx_mail_session_internal_server_error(s); |
800 | 822 return; |
823 } | |
824 | |
3269
f0d596e84634
rename ngx_peer_addr_t to ngx_addr_t
Igor Sysoev <igor@sysoev.ru>
parents:
3267
diff
changeset
|
825 peer = ngx_pcalloc(s->connection->pool, sizeof(ngx_addr_t)); |
884 | 826 if (peer == NULL) { |
547 | 827 ngx_destroy_pool(ctx->pool); |
1136 | 828 ngx_mail_session_internal_server_error(s); |
527 | 829 return; |
830 } | |
831 | |
5134
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
832 rc = ngx_parse_addr(s->connection->pool, peer, |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
833 ctx->addr.data, ctx->addr.len); |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
834 |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
835 switch (rc) { |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
836 case NGX_OK: |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
837 break; |
2855
a96a8c916b0c
mail proxy listen IPv6 support
Igor Sysoev <igor@sysoev.ru>
parents:
2748
diff
changeset
|
838 |
5134
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
839 case NGX_DECLINED: |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
840 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
841 "auth http server %V sent invalid server " |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
842 "address:\"%V\"", |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
843 ctx->peer.name, &ctx->addr); |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
844 /* fall through */ |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
845 |
c788e54090de
Mail: IPv6 backends (ticket #323).
Ruslan Ermilov <ru@nginx.com>
parents:
4971
diff
changeset
|
846 default: |
547 | 847 ngx_destroy_pool(ctx->pool); |
1136 | 848 ngx_mail_session_internal_server_error(s); |
527 | 849 return; |
850 } | |
851 | |
852 port = ngx_atoi(ctx->port.data, ctx->port.len); | |
4227 | 853 if (port == NGX_ERROR || port < 1 || port > 65535) { |
527 | 854 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, |
541 | 855 "auth http server %V sent invalid server " |
856 "port:\"%V\"", | |
884 | 857 ctx->peer.name, &ctx->port); |
547 | 858 ngx_destroy_pool(ctx->pool); |
1136 | 859 ngx_mail_session_internal_server_error(s); |
527 | 860 return; |
861 } | |
862 | |
6597 | 863 ngx_inet_set_port(peer->sockaddr, (in_port_t) port); |
527 | 864 |
865 len = ctx->addr.len + 1 + ctx->port.len; | |
866 | |
884 | 867 peer->name.len = len; |
527 | 868 |
2049 | 869 peer->name.data = ngx_pnalloc(s->connection->pool, len); |
884 | 870 if (peer->name.data == NULL) { |
547 | 871 ngx_destroy_pool(ctx->pool); |
1136 | 872 ngx_mail_session_internal_server_error(s); |
527 | 873 return; |
874 } | |
875 | |
876 len = ctx->addr.len; | |
877 | |
884 | 878 ngx_memcpy(peer->name.data, ctx->addr.data, len); |
527 | 879 |
884 | 880 peer->name.data[len++] = ':'; |
527 | 881 |
884 | 882 ngx_memcpy(peer->name.data + len, ctx->port.data, ctx->port.len); |
527 | 883 |
547 | 884 ngx_destroy_pool(ctx->pool); |
1136 | 885 ngx_mail_proxy_init(s, peer); |
527 | 886 |
887 return; | |
888 } | |
889 | |
890 if (rc == NGX_AGAIN ) { | |
891 return; | |
892 } | |
893 | |
894 /* rc == NGX_ERROR */ | |
895 | |
896 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, | |
541 | 897 "auth http server %V sent invalid header in response", |
884 | 898 ctx->peer.name); |
527 | 899 ngx_close_connection(ctx->peer.connection); |
547 | 900 ngx_destroy_pool(ctx->pool); |
1136 | 901 ngx_mail_session_internal_server_error(s); |
527 | 902 |
903 return; | |
904 } | |
905 } | |
906 | |
521 | 907 |
527 | 908 static void |
1136 | 909 ngx_mail_auth_sleep_handler(ngx_event_t *rev) |
527 | 910 { |
9290
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
911 ngx_connection_t *c; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
912 ngx_mail_session_t *s; |
527 | 913 |
1136 | 914 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail auth sleep handler"); |
527 | 915 |
916 c = rev->data; | |
917 s = c->data; | |
918 | |
919 if (rev->timedout) { | |
920 | |
921 rev->timedout = 0; | |
922 | |
883 | 923 if (s->auth_wait) { |
924 s->auth_wait = 0; | |
1136 | 925 ngx_mail_auth_http_init(s); |
883 | 926 return; |
927 } | |
928 | |
9290
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
929 ngx_mail_auth_send_error(s); |
527 | 930 return; |
931 } | |
932 | |
933 if (rev->active) { | |
2388
722b5aff05ae
use "!= NGX_OK" instead of "== NGX_ERROR"
Igor Sysoev <igor@sysoev.ru>
parents:
2310
diff
changeset
|
934 if (ngx_handle_read_event(rev, 0) != NGX_OK) { |
1477 | 935 ngx_mail_close_connection(c); |
527 | 936 } |
937 } | |
938 } | |
939 | |
940 | |
9290
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
941 static void |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
942 ngx_mail_auth_send_error(ngx_mail_session_t *s) |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
943 { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
944 ngx_event_t *rev; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
945 ngx_connection_t *c; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
946 ngx_mail_core_srv_conf_t *cscf; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
947 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
948 c = s->connection; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
949 rev = c->read; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
950 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
951 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
952 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
953 rev->handler = cscf->protocol->auth_state; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
954 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
955 s->auth_method = NGX_MAIL_AUTH_PLAIN; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
956 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
957 c->log->action = "in auth state"; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
958 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
959 if (s->out.len == 0) { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
960 s->out = s->auth_err; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
961 s->quit = s->auth_quit; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
962 ngx_str_null(&s->auth_err); |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
963 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
964 s->state = 0; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
965 s->mail_state = 0; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
966 s->tag.len = 0; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
967 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
968 } else { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
969 s->auth_err.len -= s->tag.len; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
970 s->auth_err.data += s->tag.len; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
971 } |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
972 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
973 ngx_mail_send(c->write); |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
974 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
975 if (c->destroyed) { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
976 return; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
977 } |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
978 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
979 ngx_add_timer(rev, cscf->timeout); |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
980 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
981 if (rev->ready) { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
982 rev->handler(rev); |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
983 return; |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
984 } |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
985 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
986 if (ngx_handle_read_event(rev, 0) != NGX_OK) { |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
987 ngx_mail_close_connection(c); |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
988 } |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
989 } |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
990 |
4538c1ffb0f8
Mail: added support for XOAUTH2 and OAUTHBEARER authentication.
Maxim Dounin <mdounin@mdounin.ru>
parents:
9274
diff
changeset
|
991 |
527 | 992 static ngx_int_t |
1136 | 993 ngx_mail_auth_http_parse_header_line(ngx_mail_session_t *s, |
994 ngx_mail_auth_http_ctx_t *ctx) | |
527 | 995 { |
996 u_char c, ch, *p; | |
997 enum { | |
998 sw_start = 0, | |
999 sw_name, | |
1000 sw_space_before_value, | |
1001 sw_value, | |
1002 sw_space_after_value, | |
577 | 1003 sw_almost_done, |
527 | 1004 sw_header_almost_done |
1005 } state; | |
1006 | |
577 | 1007 state = ctx->state; |
527 | 1008 |
1009 for (p = ctx->response->pos; p < ctx->response->last; p++) { | |
1010 ch = *p; | |
1011 | |
1012 switch (state) { | |
1013 | |
1014 /* first char */ | |
1015 case sw_start: | |
1016 | |
1017 switch (ch) { | |
1018 case CR: | |
577 | 1019 ctx->header_end = p; |
527 | 1020 state = sw_header_almost_done; |
1021 break; | |
577 | 1022 case LF: |
527 | 1023 ctx->header_end = p; |
1024 goto header_done; | |
1025 default: | |
1026 state = sw_name; | |
1027 ctx->header_name_start = p; | |
1028 | |
1029 c = (u_char) (ch | 0x20); | |
1030 if (c >= 'a' && c <= 'z') { | |
1031 break; | |
1032 } | |
1033 | |
1034 if (ch >= '0' && ch <= '9') { | |
1035 break; | |
1036 } | |
1037 | |
1038 return NGX_ERROR; | |
1039 } | |
1040 break; | |
1041 | |
1042 /* header name */ | |
1043 case sw_name: | |
1044 c = (u_char) (ch | 0x20); | |
1045 if (c >= 'a' && c <= 'z') { | |
1046 break; | |
1047 } | |
1048 | |
1049 if (ch == ':') { | |
1050 ctx->header_name_end = p; | |
1051 state = sw_space_before_value; | |
1052 break; | |
1053 } | |
1054 | |
1055 if (ch == '-') { | |
1056 break; | |
1057 } | |
1058 | |
1059 if (ch >= '0' && ch <= '9') { | |
1060 break; | |
1061 } | |
1062 | |
1063 if (ch == CR) { | |
1064 ctx->header_name_end = p; | |
1065 ctx->header_start = p; | |
1066 ctx->header_end = p; | |
1067 state = sw_almost_done; | |
1068 break; | |
1069 } | |
1070 | |
1071 if (ch == LF) { | |
1072 ctx->header_name_end = p; | |
1073 ctx->header_start = p; | |
1074 ctx->header_end = p; | |
1075 goto done; | |
1076 } | |
1077 | |
1078 return NGX_ERROR; | |
1079 | |
1080 /* space* before header value */ | |
1081 case sw_space_before_value: | |
1082 switch (ch) { | |
1083 case ' ': | |
1084 break; | |
1085 case CR: | |
1086 ctx->header_start = p; | |
1087 ctx->header_end = p; | |
1088 state = sw_almost_done; | |
1089 break; | |
1090 case LF: | |
1091 ctx->header_start = p; | |
1092 ctx->header_end = p; | |
1093 goto done; | |
1094 default: | |
1095 ctx->header_start = p; | |
1096 state = sw_value; | |
1097 break; | |
1098 } | |
1099 break; | |
1100 | |
1101 /* header value */ | |
1102 case sw_value: | |
1103 switch (ch) { | |
1104 case ' ': | |
1105 ctx->header_end = p; | |
1106 state = sw_space_after_value; | |
1107 break; | |
1108 case CR: | |
1109 ctx->header_end = p; | |
1110 state = sw_almost_done; | |
1111 break; | |
1112 case LF: | |
1113 ctx->header_end = p; | |
1114 goto done; | |
1115 } | |
1116 break; | |
1117 | |
1118 /* space* before end of header line */ | |
1119 case sw_space_after_value: | |
1120 switch (ch) { | |
1121 case ' ': | |
1122 break; | |
1123 case CR: | |
1124 state = sw_almost_done; | |
1125 break; | |
1126 case LF: | |
1127 goto done; | |
1128 default: | |
1129 state = sw_value; | |
1130 break; | |
1131 } | |
1132 break; | |
1133 | |
1134 /* end of header line */ | |
1135 case sw_almost_done: | |
1136 switch (ch) { | |
1137 case LF: | |
1138 goto done; | |
1139 default: | |
1140 return NGX_ERROR; | |
1141 } | |
1142 | |
1143 /* end of header */ | |
1144 case sw_header_almost_done: | |
1145 switch (ch) { | |
1146 case LF: | |
1147 goto header_done; | |
1148 default: | |
1149 return NGX_ERROR; | |
1150 } | |
1151 } | |
1152 } | |
1153 | |
1154 ctx->response->pos = p; | |
1155 ctx->state = state; | |
1156 | |
1157 return NGX_AGAIN; | |
1158 | |
1159 done: | |
1160 | |
1161 ctx->response->pos = p + 1; | |
1162 ctx->state = sw_start; | |
1163 | |
1164 return NGX_OK; | |
1165 | |
1166 header_done: | |
1167 | |
1168 ctx->response->pos = p + 1; | |
1169 ctx->state = sw_start; | |
1170 | |
1171 return NGX_DONE; | |
521 | 1172 } |
1173 | |
1174 | |
1175 static void | |
1136 | 1176 ngx_mail_auth_http_block_read(ngx_event_t *rev) |
521 | 1177 { |
1178 ngx_connection_t *c; | |
1136 | 1179 ngx_mail_session_t *s; |
1180 ngx_mail_auth_http_ctx_t *ctx; | |
521 | 1181 |
1136 | 1182 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, |
1183 "mail auth http block read"); | |
521 | 1184 |
2388
722b5aff05ae
use "!= NGX_OK" instead of "== NGX_ERROR"
Igor Sysoev <igor@sysoev.ru>
parents:
2310
diff
changeset
|
1185 if (ngx_handle_read_event(rev, 0) != NGX_OK) { |
521 | 1186 c = rev->data; |
1187 s = c->data; | |
1188 | |
1136 | 1189 ctx = ngx_mail_get_module_ctx(s, ngx_mail_auth_http_module); |
521 | 1190 |
525 | 1191 ngx_close_connection(ctx->peer.connection); |
547 | 1192 ngx_destroy_pool(ctx->pool); |
1136 | 1193 ngx_mail_session_internal_server_error(s); |
521 | 1194 } |
1195 } | |
1196 | |
1197 | |
1198 static void | |
1136 | 1199 ngx_mail_auth_http_dummy_handler(ngx_event_t *ev) |
521 | 1200 { |
1136 | 1201 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, ev->log, 0, |
1202 "mail auth http dummy handler"); | |
521 | 1203 } |
1204 | |
1205 | |
1206 static ngx_buf_t * | |
1136 | 1207 ngx_mail_auth_http_create_request(ngx_mail_session_t *s, ngx_pool_t *pool, |
1208 ngx_mail_auth_http_conf_t *ahcf) | |
521 | 1209 { |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1210 size_t len; |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1211 ngx_buf_t *b; |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1212 ngx_str_t login, passwd; |
7801
777373b5a169
Mail: fixed build without SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7794
diff
changeset
|
1213 ngx_connection_t *c; |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1214 #if (NGX_MAIL_SSL) |
7905
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1215 ngx_str_t protocol, cipher, verify, subject, issuer, |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1216 serial, fingerprint, raw_cert, cert; |
5990
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1217 ngx_mail_ssl_conf_t *sslcf; |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1218 #endif |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1219 ngx_mail_core_srv_conf_t *cscf; |
633 | 1220 |
1136 | 1221 if (ngx_mail_auth_http_escape(pool, &s->login, &login) != NGX_OK) { |
633 | 1222 return NULL; |
1223 } | |
1224 | |
1136 | 1225 if (ngx_mail_auth_http_escape(pool, &s->passwd, &passwd) != NGX_OK) { |
633 | 1226 return NULL; |
1227 } | |
521 | 1228 |
7801
777373b5a169
Mail: fixed build without SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7794
diff
changeset
|
1229 c = s->connection; |
777373b5a169
Mail: fixed build without SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7794
diff
changeset
|
1230 |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1231 #if (NGX_MAIL_SSL) |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1232 |
7905
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1233 if (c->ssl) { |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1234 |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1235 if (ngx_ssl_get_protocol(c, pool, &protocol) != NGX_OK) { |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1236 return NULL; |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1237 } |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1238 |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1239 protocol.len = ngx_strlen(protocol.data); |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1240 |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1241 if (ngx_ssl_get_cipher_name(c, pool, &cipher) != NGX_OK) { |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1242 return NULL; |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1243 } |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1244 |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1245 cipher.len = ngx_strlen(cipher.data); |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1246 |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1247 } else { |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1248 ngx_str_null(&protocol); |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1249 ngx_str_null(&cipher); |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1250 } |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1251 |
5990
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1252 sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module); |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1253 |
5990
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1254 if (c->ssl && sslcf->verify) { |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1255 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1256 /* certificate details */ |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1257 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1258 if (ngx_ssl_get_client_verify(c, pool, &verify) != NGX_OK) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1259 return NULL; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1260 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1261 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1262 if (ngx_ssl_get_subject_dn(c, pool, &subject) != NGX_OK) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1263 return NULL; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1264 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1265 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1266 if (ngx_ssl_get_issuer_dn(c, pool, &issuer) != NGX_OK) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1267 return NULL; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1268 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1269 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1270 if (ngx_ssl_get_serial_number(c, pool, &serial) != NGX_OK) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1271 return NULL; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1272 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1273 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1274 if (ngx_ssl_get_fingerprint(c, pool, &fingerprint) != NGX_OK) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1275 return NULL; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1276 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1277 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1278 if (ahcf->pass_client_cert) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1279 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1280 /* certificate itself, if configured */ |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1281 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1282 if (ngx_ssl_get_raw_certificate(c, pool, &raw_cert) != NGX_OK) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1283 return NULL; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1284 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1285 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1286 if (ngx_mail_auth_http_escape(pool, &raw_cert, &cert) != NGX_OK) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1287 return NULL; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1288 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1289 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1290 } else { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1291 ngx_str_null(&cert); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1292 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1293 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1294 } else { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1295 ngx_str_null(&verify); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1296 ngx_str_null(&subject); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1297 ngx_str_null(&issuer); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1298 ngx_str_null(&serial); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1299 ngx_str_null(&fingerprint); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1300 ngx_str_null(&cert); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1301 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1302 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1303 #endif |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1304 |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1305 cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1306 |
521 | 1307 len = sizeof("GET ") - 1 + ahcf->uri.len + sizeof(" HTTP/1.0" CRLF) - 1 |
1308 + sizeof("Host: ") - 1 + ahcf->host_header.len + sizeof(CRLF) - 1 | |
856
0197d6aae54e
use correct auth method length
Igor Sysoev <igor@sysoev.ru>
parents:
854
diff
changeset
|
1309 + sizeof("Auth-Method: ") - 1 |
1136 | 1310 + ngx_mail_auth_http_method[s->auth_method].len |
856
0197d6aae54e
use correct auth method length
Igor Sysoev <igor@sysoev.ru>
parents:
854
diff
changeset
|
1311 + sizeof(CRLF) - 1 |
633 | 1312 + sizeof("Auth-User: ") - 1 + login.len + sizeof(CRLF) - 1 |
1313 + sizeof("Auth-Pass: ") - 1 + passwd.len + sizeof(CRLF) - 1 | |
800 | 1314 + sizeof("Auth-Salt: ") - 1 + s->salt.len |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1315 + sizeof("Auth-Protocol: ") - 1 + cscf->protocol->name.len |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1316 + sizeof(CRLF) - 1 |
527 | 1317 + sizeof("Auth-Login-Attempt: ") - 1 + NGX_INT_T_LEN |
1318 + sizeof(CRLF) - 1 | |
521 | 1319 + sizeof("Client-IP: ") - 1 + s->connection->addr_text.len |
1320 + sizeof(CRLF) - 1 | |
2309 | 1321 + sizeof("Client-Host: ") - 1 + s->host.len + sizeof(CRLF) - 1 |
1285
0c10dc6a8e74
fix memory allocation for auth_http_header
Igor Sysoev <igor@sysoev.ru>
parents:
1166
diff
changeset
|
1322 + ahcf->header.len |
521 | 1323 + sizeof(CRLF) - 1; |
1324 | |
7794
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1325 if (c->proxy_protocol) { |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1326 len += sizeof("Proxy-Protocol-Addr: ") - 1 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1327 + c->proxy_protocol->src_addr.len + sizeof(CRLF) - 1 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1328 + sizeof("Proxy-Protocol-Port: ") - 1 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1329 + sizeof("65535") - 1 + sizeof(CRLF) - 1 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1330 + sizeof("Proxy-Protocol-Server-Addr: ") - 1 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1331 + c->proxy_protocol->dst_addr.len + sizeof(CRLF) - 1 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1332 + sizeof("Proxy-Protocol-Server-Port: ") - 1 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1333 + sizeof("65535") - 1 + sizeof(CRLF) - 1; |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1334 } |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1335 |
7793
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1336 if (s->auth_method == NGX_MAIL_AUTH_NONE) { |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1337 len += sizeof("Auth-SMTP-Helo: ") - 1 + s->smtp_helo.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1338 + sizeof(CRLF) - 1 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1339 + sizeof("Auth-SMTP-From: ") - 1 + s->smtp_from.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1340 + sizeof(CRLF) - 1 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1341 + sizeof("Auth-SMTP-To: ") - 1 + s->smtp_to.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1342 + sizeof(CRLF) - 1; |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1343 } |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1344 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1345 #if (NGX_MAIL_SSL) |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1346 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1347 if (c->ssl) { |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1348 len += sizeof("Auth-SSL: on" CRLF) - 1 |
7905
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1349 + sizeof("Auth-SSL-Protocol: ") - 1 + protocol.len |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1350 + sizeof(CRLF) - 1 |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1351 + sizeof("Auth-SSL-Cipher: ") - 1 + cipher.len |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1352 + sizeof(CRLF) - 1 |
7793
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1353 + sizeof("Auth-SSL-Verify: ") - 1 + verify.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1354 + sizeof(CRLF) - 1 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1355 + sizeof("Auth-SSL-Subject: ") - 1 + subject.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1356 + sizeof(CRLF) - 1 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1357 + sizeof("Auth-SSL-Issuer: ") - 1 + issuer.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1358 + sizeof(CRLF) - 1 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1359 + sizeof("Auth-SSL-Serial: ") - 1 + serial.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1360 + sizeof(CRLF) - 1 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1361 + sizeof("Auth-SSL-Fingerprint: ") - 1 + fingerprint.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1362 + sizeof(CRLF) - 1 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1363 + sizeof("Auth-SSL-Cert: ") - 1 + cert.len |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1364 + sizeof(CRLF) - 1; |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1365 } |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1366 |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1367 #endif |
44ebeeceb70e
Mail: made auth http creating request easier to extend.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6774
diff
changeset
|
1368 |
547 | 1369 b = ngx_create_temp_buf(pool, len); |
521 | 1370 if (b == NULL) { |
1371 return NULL; | |
1372 } | |
1373 | |
1374 b->last = ngx_cpymem(b->last, "GET ", sizeof("GET ") - 1); | |
573 | 1375 b->last = ngx_copy(b->last, ahcf->uri.data, ahcf->uri.len); |
521 | 1376 b->last = ngx_cpymem(b->last, " HTTP/1.0" CRLF, |
1377 sizeof(" HTTP/1.0" CRLF) - 1); | |
1378 | |
1379 b->last = ngx_cpymem(b->last, "Host: ", sizeof("Host: ") - 1); | |
573 | 1380 b->last = ngx_copy(b->last, ahcf->host_header.data, |
521 | 1381 ahcf->host_header.len); |
1382 *b->last++ = CR; *b->last++ = LF; | |
1383 | |
800 | 1384 b->last = ngx_cpymem(b->last, "Auth-Method: ", |
1385 sizeof("Auth-Method: ") - 1); | |
1386 b->last = ngx_cpymem(b->last, | |
1136 | 1387 ngx_mail_auth_http_method[s->auth_method].data, |
1388 ngx_mail_auth_http_method[s->auth_method].len); | |
800 | 1389 *b->last++ = CR; *b->last++ = LF; |
521 | 1390 |
1391 b->last = ngx_cpymem(b->last, "Auth-User: ", sizeof("Auth-User: ") - 1); | |
633 | 1392 b->last = ngx_copy(b->last, login.data, login.len); |
521 | 1393 *b->last++ = CR; *b->last++ = LF; |
1394 | |
1395 b->last = ngx_cpymem(b->last, "Auth-Pass: ", sizeof("Auth-Pass: ") - 1); | |
633 | 1396 b->last = ngx_copy(b->last, passwd.data, passwd.len); |
521 | 1397 *b->last++ = CR; *b->last++ = LF; |
1398 | |
1136 | 1399 if (s->auth_method != NGX_MAIL_AUTH_PLAIN && s->salt.len) { |
800 | 1400 b->last = ngx_cpymem(b->last, "Auth-Salt: ", sizeof("Auth-Salt: ") - 1); |
1401 b->last = ngx_copy(b->last, s->salt.data, s->salt.len); | |
1402 | |
1403 s->passwd.data = NULL; | |
1404 } | |
1405 | |
521 | 1406 b->last = ngx_cpymem(b->last, "Auth-Protocol: ", |
1407 sizeof("Auth-Protocol: ") - 1); | |
1487
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1408 b->last = ngx_cpymem(b->last, cscf->protocol->name.data, |
f69493e8faab
ngx_mail_pop3_module, ngx_mail_imap_module, and ngx_mail_smtp_module
Igor Sysoev <igor@sysoev.ru>
parents:
1478
diff
changeset
|
1409 cscf->protocol->name.len); |
521 | 1410 *b->last++ = CR; *b->last++ = LF; |
1411 | |
527 | 1412 b->last = ngx_sprintf(b->last, "Auth-Login-Attempt: %ui" CRLF, |
1413 s->login_attempt); | |
1414 | |
521 | 1415 b->last = ngx_cpymem(b->last, "Client-IP: ", sizeof("Client-IP: ") - 1); |
573 | 1416 b->last = ngx_copy(b->last, s->connection->addr_text.data, |
2309 | 1417 s->connection->addr_text.len); |
521 | 1418 *b->last++ = CR; *b->last++ = LF; |
1419 | |
2309 | 1420 if (s->host.len) { |
1421 b->last = ngx_cpymem(b->last, "Client-Host: ", | |
1422 sizeof("Client-Host: ") - 1); | |
1423 b->last = ngx_copy(b->last, s->host.data, s->host.len); | |
1424 *b->last++ = CR; *b->last++ = LF; | |
1425 } | |
1426 | |
7794
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1427 if (c->proxy_protocol) { |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1428 b->last = ngx_cpymem(b->last, "Proxy-Protocol-Addr: ", |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1429 sizeof("Proxy-Protocol-Addr: ") - 1); |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1430 b->last = ngx_copy(b->last, c->proxy_protocol->src_addr.data, |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1431 c->proxy_protocol->src_addr.len); |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1432 *b->last++ = CR; *b->last++ = LF; |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1433 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1434 b->last = ngx_sprintf(b->last, "Proxy-Protocol-Port: %d" CRLF, |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1435 c->proxy_protocol->src_port); |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1436 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1437 b->last = ngx_cpymem(b->last, "Proxy-Protocol-Server-Addr: ", |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1438 sizeof("Proxy-Protocol-Server-Addr: ") - 1); |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1439 b->last = ngx_copy(b->last, c->proxy_protocol->dst_addr.data, |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1440 c->proxy_protocol->dst_addr.len); |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1441 *b->last++ = CR; *b->last++ = LF; |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1442 |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1443 b->last = ngx_sprintf(b->last, "Proxy-Protocol-Server-Port: %d" CRLF, |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1444 c->proxy_protocol->dst_port); |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1445 } |
12ea1de7d87c
Mail: parsing of the PROXY protocol from clients.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7793
diff
changeset
|
1446 |
2309 | 1447 if (s->auth_method == NGX_MAIL_AUTH_NONE) { |
1448 | |
1449 /* HELO, MAIL FROM, and RCPT TO can't contain CRLF, no need to escape */ | |
1450 | |
1451 b->last = ngx_cpymem(b->last, "Auth-SMTP-Helo: ", | |
1452 sizeof("Auth-SMTP-Helo: ") - 1); | |
1453 b->last = ngx_copy(b->last, s->smtp_helo.data, s->smtp_helo.len); | |
1454 *b->last++ = CR; *b->last++ = LF; | |
1455 | |
1456 b->last = ngx_cpymem(b->last, "Auth-SMTP-From: ", | |
1457 sizeof("Auth-SMTP-From: ") - 1); | |
1458 b->last = ngx_copy(b->last, s->smtp_from.data, s->smtp_from.len); | |
1459 *b->last++ = CR; *b->last++ = LF; | |
1460 | |
1461 b->last = ngx_cpymem(b->last, "Auth-SMTP-To: ", | |
1462 sizeof("Auth-SMTP-To: ") - 1); | |
1463 b->last = ngx_copy(b->last, s->smtp_to.data, s->smtp_to.len); | |
1464 *b->last++ = CR; *b->last++ = LF; | |
1465 | |
1466 } | |
1467 | |
5988
3b3f789655dc
Mail: added Auth-SSL header to indicate SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5987
diff
changeset
|
1468 #if (NGX_MAIL_SSL) |
3b3f789655dc
Mail: added Auth-SSL header to indicate SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5987
diff
changeset
|
1469 |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1470 if (c->ssl) { |
5988
3b3f789655dc
Mail: added Auth-SSL header to indicate SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5987
diff
changeset
|
1471 b->last = ngx_cpymem(b->last, "Auth-SSL: on" CRLF, |
3b3f789655dc
Mail: added Auth-SSL header to indicate SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5987
diff
changeset
|
1472 sizeof("Auth-SSL: on" CRLF) - 1); |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1473 |
7905
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1474 if (protocol.len) { |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1475 b->last = ngx_cpymem(b->last, "Auth-SSL-Protocol: ", |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1476 sizeof("Auth-SSL-Protocol: ") - 1); |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1477 b->last = ngx_copy(b->last, protocol.data, protocol.len); |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1478 *b->last++ = CR; *b->last++ = LF; |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1479 } |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1480 |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1481 if (cipher.len) { |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1482 b->last = ngx_cpymem(b->last, "Auth-SSL-Cipher: ", |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1483 sizeof("Auth-SSL-Cipher: ") - 1); |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1484 b->last = ngx_copy(b->last, cipher.data, cipher.len); |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1485 *b->last++ = CR; *b->last++ = LF; |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1486 } |
13d0c1d26d47
Mail: Auth-SSL-Protocol and Auth-SSL-Cipher headers (ticket #2134).
Rob Mueller <robm@fastmail.fm>
parents:
7801
diff
changeset
|
1487 |
5990
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1488 if (verify.len) { |
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1489 b->last = ngx_cpymem(b->last, "Auth-SSL-Verify: ", |
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1490 sizeof("Auth-SSL-Verify: ") - 1); |
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1491 b->last = ngx_copy(b->last, verify.data, verify.len); |
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1492 *b->last++ = CR; *b->last++ = LF; |
6a7c6973d6fc
Mail: don't emit Auth-SSL-Verify with disabled ssl_verify_client.
Sergey Kandaurov <pluknet@nginx.com>
parents:
5989
diff
changeset
|
1493 } |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1494 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1495 if (subject.len) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1496 b->last = ngx_cpymem(b->last, "Auth-SSL-Subject: ", |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1497 sizeof("Auth-SSL-Subject: ") - 1); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1498 b->last = ngx_copy(b->last, subject.data, subject.len); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1499 *b->last++ = CR; *b->last++ = LF; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1500 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1501 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1502 if (issuer.len) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1503 b->last = ngx_cpymem(b->last, "Auth-SSL-Issuer: ", |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1504 sizeof("Auth-SSL-Issuer: ") - 1); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1505 b->last = ngx_copy(b->last, issuer.data, issuer.len); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1506 *b->last++ = CR; *b->last++ = LF; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1507 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1508 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1509 if (serial.len) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1510 b->last = ngx_cpymem(b->last, "Auth-SSL-Serial: ", |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1511 sizeof("Auth-SSL-Serial: ") - 1); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1512 b->last = ngx_copy(b->last, serial.data, serial.len); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1513 *b->last++ = CR; *b->last++ = LF; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1514 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1515 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1516 if (fingerprint.len) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1517 b->last = ngx_cpymem(b->last, "Auth-SSL-Fingerprint: ", |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1518 sizeof("Auth-SSL-Fingerprint: ") - 1); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1519 b->last = ngx_copy(b->last, fingerprint.data, fingerprint.len); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1520 *b->last++ = CR; *b->last++ = LF; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1521 } |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1522 |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1523 if (cert.len) { |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1524 b->last = ngx_cpymem(b->last, "Auth-SSL-Cert: ", |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1525 sizeof("Auth-SSL-Cert: ") - 1); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1526 b->last = ngx_copy(b->last, cert.data, cert.len); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1527 *b->last++ = CR; *b->last++ = LF; |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1528 } |
5988
3b3f789655dc
Mail: added Auth-SSL header to indicate SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5987
diff
changeset
|
1529 } |
3b3f789655dc
Mail: added Auth-SSL header to indicate SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5987
diff
changeset
|
1530 |
3b3f789655dc
Mail: added Auth-SSL header to indicate SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5987
diff
changeset
|
1531 #endif |
3b3f789655dc
Mail: added Auth-SSL header to indicate SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5987
diff
changeset
|
1532 |
573 | 1533 if (ahcf->header.len) { |
1534 b->last = ngx_copy(b->last, ahcf->header.data, ahcf->header.len); | |
1535 } | |
1536 | |
521 | 1537 /* add "\r\n" at the header end */ |
1538 *b->last++ = CR; *b->last++ = LF; | |
1539 | |
1136 | 1540 #if (NGX_DEBUG_MAIL_PASSWD) |
6001
add12ee1d01c
Style: use %*s format, as in 68d21fd1dc64.
Ruslan Ermilov <ru@nginx.com>
parents:
5990
diff
changeset
|
1541 ngx_log_debug2(NGX_LOG_DEBUG_MAIL, s->connection->log, 0, |
add12ee1d01c
Style: use %*s format, as in 68d21fd1dc64.
Ruslan Ermilov <ru@nginx.com>
parents:
5990
diff
changeset
|
1542 "mail auth http header:%N\"%*s\"", |
add12ee1d01c
Style: use %*s format, as in 68d21fd1dc64.
Ruslan Ermilov <ru@nginx.com>
parents:
5990
diff
changeset
|
1543 (size_t) (b->last - b->pos), b->pos); |
521 | 1544 #endif |
1545 | |
1546 return b; | |
1547 } | |
1548 | |
1549 | |
633 | 1550 static ngx_int_t |
1136 | 1551 ngx_mail_auth_http_escape(ngx_pool_t *pool, ngx_str_t *text, ngx_str_t *escaped) |
633 | 1552 { |
1405
fdd064faf26a
escape " ", "%", and %00-%1F in login and password
Igor Sysoev <igor@sysoev.ru>
parents:
1392
diff
changeset
|
1553 u_char *p; |
fdd064faf26a
escape " ", "%", and %00-%1F in login and password
Igor Sysoev <igor@sysoev.ru>
parents:
1392
diff
changeset
|
1554 uintptr_t n; |
633 | 1555 |
1405
fdd064faf26a
escape " ", "%", and %00-%1F in login and password
Igor Sysoev <igor@sysoev.ru>
parents:
1392
diff
changeset
|
1556 n = ngx_escape_uri(NULL, text->data, text->len, NGX_ESCAPE_MAIL_AUTH); |
633 | 1557 |
1558 if (n == 0) { | |
1559 *escaped = *text; | |
1560 return NGX_OK; | |
1561 } | |
1562 | |
1563 escaped->len = text->len + n * 2; | |
1564 | |
2049 | 1565 p = ngx_pnalloc(pool, escaped->len); |
633 | 1566 if (p == NULL) { |
1567 return NGX_ERROR; | |
1568 } | |
1569 | |
1405
fdd064faf26a
escape " ", "%", and %00-%1F in login and password
Igor Sysoev <igor@sysoev.ru>
parents:
1392
diff
changeset
|
1570 (void) ngx_escape_uri(p, text->data, text->len, NGX_ESCAPE_MAIL_AUTH); |
633 | 1571 |
1405
fdd064faf26a
escape " ", "%", and %00-%1F in login and password
Igor Sysoev <igor@sysoev.ru>
parents:
1392
diff
changeset
|
1572 escaped->data = p; |
633 | 1573 |
1574 return NGX_OK; | |
1575 } | |
1576 | |
1577 | |
521 | 1578 static void * |
1136 | 1579 ngx_mail_auth_http_create_conf(ngx_conf_t *cf) |
577 | 1580 { |
1136 | 1581 ngx_mail_auth_http_conf_t *ahcf; |
577 | 1582 |
1136 | 1583 ahcf = ngx_pcalloc(cf->pool, sizeof(ngx_mail_auth_http_conf_t)); |
521 | 1584 if (ahcf == NULL) { |
2912
c7d57b539248
return NULL instead of NGX_CONF_ERROR on a create conf failure
Igor Sysoev <igor@sysoev.ru>
parents:
2855
diff
changeset
|
1585 return NULL; |
521 | 1586 } |
1587 | |
1588 ahcf->timeout = NGX_CONF_UNSET_MSEC; | |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1589 ahcf->pass_client_cert = NGX_CONF_UNSET; |
521 | 1590 |
1392 | 1591 ahcf->file = cf->conf_file->file.name.data; |
1592 ahcf->line = cf->conf_file->line; | |
1593 | |
521 | 1594 return ahcf; |
1595 } | |
1596 | |
1597 | |
1598 static char * | |
1136 | 1599 ngx_mail_auth_http_merge_conf(ngx_conf_t *cf, void *parent, void *child) |
521 | 1600 { |
1136 | 1601 ngx_mail_auth_http_conf_t *prev = parent; |
1602 ngx_mail_auth_http_conf_t *conf = child; | |
521 | 1603 |
573 | 1604 u_char *p; |
1605 size_t len; | |
1606 ngx_uint_t i; | |
1607 ngx_table_elt_t *header; | |
1608 | |
884 | 1609 if (conf->peer == NULL) { |
1610 conf->peer = prev->peer; | |
521 | 1611 conf->host_header = prev->host_header; |
1612 conf->uri = prev->uri; | |
1392 | 1613 |
1614 if (conf->peer == NULL) { | |
1615 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, | |
4812
785ae4de268b
Corrected the directive name in the ngx_mail_auth_http_module error message.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
1616 "no \"auth_http\" is defined for server in %s:%ui", |
1392 | 1617 conf->file, conf->line); |
1618 | |
1619 return NGX_CONF_ERROR; | |
1620 } | |
521 | 1621 } |
1622 | |
1623 ngx_conf_merge_msec_value(conf->timeout, prev->timeout, 60000); | |
1624 | |
5989
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1625 ngx_conf_merge_value(conf->pass_client_cert, prev->pass_client_cert, 0); |
ec01b1d1fff1
Mail: client SSL certificates support.
Maxim Dounin <mdounin@mdounin.ru>
parents:
5988
diff
changeset
|
1626 |
573 | 1627 if (conf->headers == NULL) { |
1628 conf->headers = prev->headers; | |
1629 conf->header = prev->header; | |
1630 } | |
1631 | |
1632 if (conf->headers && conf->header.len == 0) { | |
1633 len = 0; | |
1634 header = conf->headers->elts; | |
1635 for (i = 0; i < conf->headers->nelts; i++) { | |
1636 len += header[i].key.len + 2 + header[i].value.len + 2; | |
1637 } | |
1638 | |
2049 | 1639 p = ngx_pnalloc(cf->pool, len); |
573 | 1640 if (p == NULL) { |
1641 return NGX_CONF_ERROR; | |
1642 } | |
1643 | |
1644 conf->header.len = len; | |
1645 conf->header.data = p; | |
1646 | |
1647 for (i = 0; i < conf->headers->nelts; i++) { | |
1648 p = ngx_cpymem(p, header[i].key.data, header[i].key.len); | |
1649 *p++ = ':'; *p++ = ' '; | |
1650 p = ngx_cpymem(p, header[i].value.data, header[i].value.len); | |
1651 *p++ = CR; *p++ = LF; | |
1652 } | |
1653 } | |
1654 | |
521 | 1655 return NGX_CONF_OK; |
1656 } | |
1657 | |
1658 | |
1659 static char * | |
1136 | 1660 ngx_mail_auth_http(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) |
577 | 1661 { |
1136 | 1662 ngx_mail_auth_http_conf_t *ahcf = conf; |
521 | 1663 |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1664 ngx_str_t *value; |
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1665 ngx_url_t u; |
573 | 1666 |
521 | 1667 value = cf->args->elts; |
1668 | |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1669 ngx_memzero(&u, sizeof(ngx_url_t)); |
521 | 1670 |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1671 u.url = value[1]; |
906 | 1672 u.default_port = 80; |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1673 u.uri_part = 1; |
577 | 1674 |
1391
4eed21047e4d
allow "http://" in auth_http URL
Igor Sysoev <igor@sysoev.ru>
parents:
1390
diff
changeset
|
1675 if (ngx_strncmp(u.url.data, "http://", 7) == 0) { |
4eed21047e4d
allow "http://" in auth_http URL
Igor Sysoev <igor@sysoev.ru>
parents:
1390
diff
changeset
|
1676 u.url.len -= 7; |
4eed21047e4d
allow "http://" in auth_http URL
Igor Sysoev <igor@sysoev.ru>
parents:
1390
diff
changeset
|
1677 u.url.data += 7; |
4eed21047e4d
allow "http://" in auth_http URL
Igor Sysoev <igor@sysoev.ru>
parents:
1390
diff
changeset
|
1678 } |
4eed21047e4d
allow "http://" in auth_http URL
Igor Sysoev <igor@sysoev.ru>
parents:
1390
diff
changeset
|
1679 |
1559
fe11e2a3946d
use pool instead of ngx_conf_t
Igor Sysoev <igor@sysoev.ru>
parents:
1487
diff
changeset
|
1680 if (ngx_parse_url(cf->pool, &u) != NGX_OK) { |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1681 if (u.err) { |
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1682 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, |
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1683 "%s in auth_http \"%V\"", u.err, &u.url); |
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1684 } |
1390 | 1685 |
1686 return NGX_CONF_ERROR; | |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1687 } |
521 | 1688 |
884 | 1689 ahcf->peer = u.addrs; |
521 | 1690 |
3406
a2a5812cf4f4
use "localhost" in "Host" header line, if unix socket is used in "auth_http"
Igor Sysoev <igor@sysoev.ru>
parents:
3269
diff
changeset
|
1691 if (u.family != AF_UNIX) { |
a2a5812cf4f4
use "localhost" in "Host" header line, if unix socket is used in "auth_http"
Igor Sysoev <igor@sysoev.ru>
parents:
3269
diff
changeset
|
1692 ahcf->host_header = u.host; |
a2a5812cf4f4
use "localhost" in "Host" header line, if unix socket is used in "auth_http"
Igor Sysoev <igor@sysoev.ru>
parents:
3269
diff
changeset
|
1693 |
a2a5812cf4f4
use "localhost" in "Host" header line, if unix socket is used in "auth_http"
Igor Sysoev <igor@sysoev.ru>
parents:
3269
diff
changeset
|
1694 } else { |
3516
dd1570b6f237
ngx_str_set() and ngx_str_null()
Igor Sysoev <igor@sysoev.ru>
parents:
3406
diff
changeset
|
1695 ngx_str_set(&ahcf->host_header, "localhost"); |
3406
a2a5812cf4f4
use "localhost" in "Host" header line, if unix socket is used in "auth_http"
Igor Sysoev <igor@sysoev.ru>
parents:
3269
diff
changeset
|
1696 } |
a2a5812cf4f4
use "localhost" in "Host" header line, if unix socket is used in "auth_http"
Igor Sysoev <igor@sysoev.ru>
parents:
3269
diff
changeset
|
1697 |
805
8ee450f30c25
now the "auth_http" directive uses ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
800
diff
changeset
|
1698 ahcf->uri = u.uri; |
521 | 1699 |
559 | 1700 if (ahcf->uri.len == 0) { |
3516
dd1570b6f237
ngx_str_set() and ngx_str_null()
Igor Sysoev <igor@sysoev.ru>
parents:
3406
diff
changeset
|
1701 ngx_str_set(&ahcf->uri, "/"); |
555 | 1702 } |
1703 | |
521 | 1704 return NGX_CONF_OK; |
1705 } | |
573 | 1706 |
1707 | |
1708 static char * | |
1136 | 1709 ngx_mail_auth_http_header(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) |
577 | 1710 { |
1136 | 1711 ngx_mail_auth_http_conf_t *ahcf = conf; |
573 | 1712 |
1713 ngx_str_t *value; | |
1714 ngx_table_elt_t *header; | |
1715 | |
1716 if (ahcf->headers == NULL) { | |
1717 ahcf->headers = ngx_array_create(cf->pool, 1, sizeof(ngx_table_elt_t)); | |
1718 if (ahcf->headers == NULL) { | |
1719 return NGX_CONF_ERROR; | |
1720 } | |
1721 } | |
1722 | |
1723 header = ngx_array_push(ahcf->headers); | |
1724 if (header == NULL) { | |
1725 return NGX_CONF_ERROR; | |
1726 } | |
1727 | |
1728 value = cf->args->elts; | |
1729 | |
1730 header->key = value[1]; | |
1731 header->value = value[2]; | |
1732 | |
1733 return NGX_CONF_OK; | |
1734 } |